Novell Home

Avoid Ctrl-Alt-Del on Login

Novell Cool Solutions: Tip
By Dean Mar

Digg This - Slashdot This

Posted: 22 Apr 2003
 

When you log into Novell a control-alt-delete screen comes up. Some users don't like this.

SOLUTION: Go to the WIN 2000 control panel, advanced tab and uncheck the lower box that says Require users to press ctrl-atl-delete before logging on.

If you have any questions you may contact Dean at dmar@cdfa.ca.gov

Other Suggestions

Bjorn

This only works when a computer is NOT a member of a Domain. It ONLY works when the PC is in a Workgroup.

Dave Mackler

This posting is incorrect. One must go to "Users and Passwords" in Control Panel, then to the Advanced tab in that dialog box to make this change.

Anonymous

Over time the check box for disable ctrl-alt-delete becomes greyed out with the check mark checked and you are not able to uncheck.

Matthew Quinn

It's true, that this does lower the overall security. The main reason for the CTRL+ALT+DEL (or "CAD") screen is to try and stop any other program from impersonating the login box (therefore capturing typed-in passwords), because no other program is supposed to be able to "map" or "capture" that CAD press, only windows itself.

Actually this can be worked around by either running a keylogger in the SYSTEM context at the login prompt (done thru the registry, like LSASS.EXE is loaded) or by modifying/replacing the GINA DLL, but hey, no one would do that, right? *grin*.

If you want a network-distributable solution (meaning, something that can be force-run by NAL or a similar method) then change the following registry DWORD value:

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"DisableCAD"=dword:00000001

via an empty force-run object with this registry attached, or a batch file like the one below, or some other way.

BATCH:

---------------------------------------------------
SET TEMP=C:\WINNT\TEMP
ECHO [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]>%TEMP%\{NoCAD}.reg
ECHO.>>%TEMP%\{NoCAD}.reg
ECHO "DisableCAD"=dword:00000001>>%TEMP%\{NoCAD}.reg
ECHO.>>%TEMP%\{NoCAD}.reg
ECHO.>>%TEMP%\{NoCAD}.reg
START %TEMP%\{NoCAD}.reg
DEL %TEMP%\{NoCAD}.reg
----------------------------------------------------

NOTE: I don't know if the last line will interfere with the import, but if it does then just omit it from your own batch file/script (I just prefer to clean up after myself).

If you have any questions you may contact Matthew at mquinn@kenmoreshs.qld.edu.au


Novell Cool Solutions (corporate web communities) are produced by WebWise Solutions. www.webwiseone.com

© 2014 Novell